Puppet Installation and Configuration

Non-Commercial

Introduction

When you think of a configuration management tool, the one that pops up in your mind is Puppet. Puppet does not require an introduction, but if you still want to know: it is an open-source configuration management tool that helps you deploy and manage the configuration of hundreds of client systems from a central location.

Puppet makes the system admin’s life easier by cutting down the time spent on repetitive tasks, freeing them to work on other productive things, and it ensures that configuration is consistent across the infrastructure.

Puppet is available for Linux, Mac, BSD, Solaris and Windows-based computer systems, is released under the Apache License, and is written in the “Ruby” language.

This guide helps you install Puppet Server on Ubuntu.

Architecture:

Agent / Master:

In this architecture, one or more servers run the puppet master application, and the puppet agent application runs on the managed nodes (client servers), usually as a background service. The puppet agent sends facts to the puppet master and requests a catalog at a set interval. The puppet master compiles and returns that particular node’s catalog, using the sources of information it has access to.

The Stand-Alone Architecture:

In this architecture, the client node runs the puppet apply application, usually as a cron job.

Prerequisites

Install NTP:

Time must be set accurately on the puppet master, which acts as the certificate authority that signs the certificates coming from the client nodes. We will use NTP for this purpose. Install the NTP package and perform the time sync with upstream NTP servers.

Optional: Ensure that all the nodes are in the same time zone using the date command. If there are any discrepancies, change them accordingly. List the available time zones.

$ timedatectl list-timezones

Set the time zone using the following command.

$ sudo timedatectl set-timezone Europe/London

DNS:

Puppet uses the hostname to communicate with the client machines, so make sure the nodes can resolve each other's hostnames, either through the /etc/hosts file or a DNS server.

To install the puppet master/agent, we need to set up a puppet repository on all the nodes.

Note: Set this up on both master and agent nodes.

Get the PuppetLabs repository rpm and install it.

Installing Puppet server

Puppet Server is the server software that runs on the puppet master node. The puppet master pushes the configurations to the client nodes, on which the puppet agent will be running. Install the Puppet server using the command below.

$ sudo apt-get install -y puppetserver

Puppet server is now installed; do not start the puppet server service yet.

Configure Puppet Server:

Memory Allocation (Optional):

By default, the Puppet Server JVM is configured to use 2GB of RAM. You can customize the memory usage depending on how much memory your master node has; ensure that it is enough for managing all the nodes connected to it. To change the memory allocation, edit the file below.

$ sudo nano /etc/default/puppetserver

Change the value as shown below.

From:

JAVA_ARGS="-Xms2g -Xmx2g"

To:

For 512MB, use the settings below.

JAVA_ARGS="-Xms512m -Xmx512m"

Start Puppet Server

The puppet master does not require any configuration; you can simply start the puppetserver service. It will use the default settings, for example dns_alt_names (puppet, <hostname of the server>).

Puppet Server vs. Apache/Passenger Puppet Master:

Puppet Server is now a drop-in replacement for the existing Apache/Passenger Puppet master stack. So we will not be configuring the passenger-stack here.

Install Puppet Agent

Install the puppet agent using below command.

$ sudo apt-get install -y puppet-agent

The puppet agent also uses some default settings to connect to the master node, but we need to edit the puppet configuration file and set the puppet master information.

Note: Set the “server” value as per your master node name. In my case, the server is “server.hans-karri” and certname is my client hostname (client.hans-karri).

You can change the value of runinterval depending on your requirements. The value is set in seconds and controls how long the agent waits between two catalog requests.

Start the puppet agent on the node and make it start automatically on system boot.

Sign the Agent Nodes Certificate on Master Server:

In an agent/master deployment, an admin must approve a certificate request for each agent node before that node can fetch configurations. Agent nodes request certificates the first time they attempt to run. Log into the puppet master server and run the command below to view outstanding requests.
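One way to check a pending request before approving it, as an added example that is not part of the original guide: compare the fingerprint the agent reports with the one the master lists for the same certname, and sign only on an exact match. The sample outputs are constructed and their layout is an assumption; client.hans-karri is the certname used earlier in this guide.

```bash
#!/bin/sh
# Added example: approve a pending agent certificate request only when the
# fingerprint the agent reports equals the one the CA lists for that certname.
# On a live system the two inputs come from `puppet agent --fingerprint` on
# the agent and from the pending-request listing on the master.

# Constructed samples; fingerprints are shortened for readability, and the
# listing layout (certname, "(SHA256)", colon-separated hex) is an assumption.
SAMPLE_AGENT='(SHA256) 3A:9F:12:C4:5B:E0:77:D1'
SAMPLE_PENDING='Requested Certificates:
    client.hans-karri   (SHA256)  3A:9F:12:C4:5B:E0:77:D1'
SAMPLE_ROGUE='Requested Certificates:
    client.hans-karri   (SHA256)  6E:01:AA:42:9C:3D:10:F8'

# Print the fingerprint from the agent's own report (read from stdin).
agent_fingerprint() {
  awk '$1 == "(SHA256)" { print toupper($2); exit }'
}

# Print the fingerprint listed for certname $1 in the listing on stdin.
pending_fingerprint() {
  awk -v want="$1" '
    { name = $1; gsub(/"/, "", name) }   # tolerate a quoted certname
    name == want && $2 == "(SHA256)" { print toupper($3); exit }'
}

# csr_matches CERTNAME AGENT_OUTPUT LISTING
# Succeeds only if both fingerprints are present and identical.
csr_matches() {
  agent_fp=$(printf '%s\n' "$2" | agent_fingerprint)
  ca_fp=$(printf '%s\n' "$3" | pending_fingerprint "$1")
  [ -n "$agent_fp" ] && [ -n "$ca_fp" ] && [ "$agent_fp" = "$ca_fp" ]
}

# Demonstration on the constructed samples: first matches, second does not.
for listing in "$SAMPLE_PENDING" "$SAMPLE_ROGUE"; do
  if csr_matches client.hans-karri "$SAMPLE_AGENT" "$listing"; then
    echo "match: request can be signed"
  else
    echo "MISMATCH or missing request: do not sign"
  fi
done
```

A mismatch means the request on the master did not come from the key pair on that agent, so it should be investigated and left unsigned.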

Creating our first manifest

A manifest is a data file that contains client configurations, written in Puppet’s declarative language or a Ruby DSL. This section covers a basic manifest that creates a directory as well as a file on the client machine.

The main puppet manifest file is located at /etc/puppetlabs/code/environments/production/manifests/site.pp

Now add the following lines to the manifest to create a directory on the client node.

PS: If the node variable is not set, this manifest will apply to all the nodes connected to the puppet master.
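To make the scoping caveat concrete, here is an added example (not the original guide's manifest): a constructed site.pp in which one resource sits inside a node block and one is left at top level, plus a heuristic scan that reports the top-level ones. The paths under /tmp and the function names are assumptions made for illustration.

```bash
#!/bin/sh
# Added example: a constructed site.pp and a heuristic scan for resources
# declared outside any node block, which the master applies to every agent.

# Constructed manifest: the directory is scoped to one node with explicit
# owner and mode; the second file resource is left at top level by mistake.
sample_manifest() {
  cat <<'EOF'
node 'client.hans-karri' {
  file { '/tmp/puppet_demo':
    ensure => directory,
    owner  => 'root',
    group  => 'root',
    mode   => '0755',
  }
}

file { '/tmp/puppet_demo.txt':
  ensure  => file,
  mode    => '0644',
  content => "applies to every node\n",
}
EOF
}

# Print "LINE:TYPE" for each resource that opens at brace depth 0.
# Line-based heuristic: it assumes braces inside strings are balanced and
# treats everything after "#" as a comment.
unscoped_resources() {
  awk '
    depth == 0 && /^[ \t]*[a-z][a-z0-9_:]*[ \t]*[{]/ {
      type = $0
      sub(/^[ \t]*/, "", type)
      sub(/[ \t]*[{].*/, "", type)
      print NR ":" type
    }
    {
      line = $0
      sub(/#.*/, "", line)
      depth += gsub(/[{]/, "{", line) - gsub(/[}]/, "}", line)
    }'
}

sample_manifest | unscoped_resources   # prints 10:file
```

Running the scan against site.pp before a change is deployed gives a quick list of declarations to either move into a node block or confirm as intended for every agent.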

You can go to the client machine and retrieve the catalog as shown in the previous example.

That’s all. Now you have successfully configured a puppet server and an agent.

Puppet manifests for setting up webserver

Below is a sample manifest that I have created for web servers. This will give you the option to both install/uninstall a web server if required. You’ll notice it uses Facter facts to check both OS and architecture to install the correct RPMs (CentOS), though you could easily take this as a template and expand it to Ubuntu with the correct package names.